Skip to main content
FoxPointe FoxPointe
  • Services
    • Cyber Risk, Assurance and Compliance
    • IT Audit
    • Penetration Testing
    • General Consulting
    • Virtual Chief Information Security Officer (vCISO)
  • About Us
    • Management Team
    • Credentials
    • Careers
  • Resources
    • Events
    • News
    • Videos
    • Whitepapers
  • Blog
  • Contact Us
FoxPointe
  • Services
    • Cyber Risk, Assurance and Compliance
    • IT Audit
    • Penetration Testing
    • General Consulting
    • Virtual Chief Information Security Officer (vCISO)
  • About Us
    • Management Team
    • Credentials
    • Careers
  • Resources
    • Events
    • News
    • Videos
    • Whitepapers
  • Blog

Enter Keywords

  1. Home
  2. Blog

FoxPointe Security Hub

New Cybersecurity Expectations for Accounting Firms and Tax Preparers

December 2, 2019 by Charlie Wood | PCI QSA, CISA, CRISC, CISM About the Author

On the heels of New York passing the Stop Hacks and Improve Electronic Data Security (SHIELD) Act in September 2019, the IRS issued a warning to tax preparers and accounting firms to ensure that they appropriately secure their customer data against the “evolving” and “sophisticated” techniques used by cybercriminals to access their systems. The warning identified several simple steps that firms can take to limit their risk of sensitive data loss. These best practices included, among others, the following:

  • Use of strong passwords. Stay away from obvious words or phrases and utilize different cases, numbers, and special characters. Regularly change these passwords and encourage employees to do the same.
  • Use of anti-phishing software. Invest in a solution that can help effectively identify, block, and warn you about phishing content sent via email or found online. Reassess how this software is meeting your needs annually as your business grows and cyberthreats evolve.
  • Security awareness training for staff. Your cybersecurity protection is only as good as your weakest link which could be an uninformed employee. Train your entire staff annually on cybersecurity best practices.
  • Backing up critical systems. Back-ups should take place nightly so you’re never at risk of losing more than a day’s worth of important data.
  • Strong security policies and procedures. All employees should be required to acknowledge receipt of comprehensive policies about the acceptable use of computing. As part of this, every employee-related information technology policy should have a section outlining what may happen to an employee should they violate the rules.
  • Incident response preparedness. In today’s cybersecurity landscape, it’s not a matter of if a data breach will occur, but when. You need to be prepared to act immediately when a cyberattack hits your business. An incident response plan should be tested annually and updated as needed based on new risks and any changing business circumstances.

Failure to adequately protect customer data against cyberattacks can result in costly fines – up to $250,000 under the Shield Act – as well as irreparable reputational damage and litigation by impacted clients. To help accounting firms and tax preparers remain in compliance with all federal and state cybersecurity laws, FoxPointe Solutions can help identify the weak or vulnerable security controls that could potentially lead to a data breach. Specifically, we offer the following:

  • Comprehensive cybersecurity review
  • Internal and external vulnerability scanning and analysis
  • Penetration testing
  • Policy and procedure creation / review
  • Security awareness training
  • Quarterly cybersecurity newsletter detailing latest threats and risks

At FoxPointe Solutions, we offer simple, cost effective security solutions to help limit your exposure to cybercriminals and protect customer data as required under the law. Contact us to learn more.

FoxPointe Solutions is solely responsible only for the content of FoxPointe Solutions authored information and is subject to change at any time. Any forward-looking statements are not predictions. FoxPointe Solutions is not responsible for any errors or omissions, or for the results obtained from the use of this information. Questions regarding your legal or compliance position should be addressed through your legal counsel, security advisor and/or your relevant standard authority. Nothing contained herein should be used nor relied upon as advice nor constitute a consultant-client relationship.

Subscribe

Subscribe to receive new articles and resources from our information risk management experts directly in your inbox as soon as they're available.

Subscribe Now

Archive   Archive
Share
Twitter Facebook LinkedIn
  • Topics
  • Authors
  • Data Security (13)
  • Data Privacy (15)
  • Compliance (4)
  • Risk Management (8)
  • Cybersecurity Alert (7)
  • Cybersecurity (25)
  • Archive (34)
  • Charlie Wood | PCI QSA, CISA, CRISC, CISM
  • Carl Cadregari | CISA, CCSFP, CTPRP
  • Allison Hall | PCIP, CCSFP
  • Courtney Caryl | CCSFP, CHQP
Let us show you how we can help
Request Quote
FoxPointe

171 Sully's Trail
Pittsford, NY 14534

Call 844-726-8869
or Contact Us

Subscribe to the Blog

Services
Cyber Risk, Assurance and ComplianceIT AuditPenetration TestingGeneral ConsultingVirtual Chief Information Security Officer (vCISO)
Company
Management TeamAbout UsBlogCareersPrivacy Policy
©2023 FoxPointe
Website by Corporate Communications, Inc.
We use cookies and other technologies to optimize site functionally, analyze website traffic, and share information with our service and analytics partners. To view our Privacy Policy, which discusses cookies, click here. By continuing to use & browse our services, you agree to our Privacy Policy, our use of cookies, and the Terms and Conditions.